CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-1620 – nss: TLS CBC padding timing attack
https://notcve.org/view.php?id=CVE-2013-1620
08 Feb 2013 — The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. La implementación en Mozilla Network Security Services (NSS) de TLS no tiene debidamente en cuenta tiempos de canal... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 0CVE-2011-3559
https://notcve.org/view.php?id=CVE-2011-3559
18 Oct 2011 — Unspecified vulnerability in Oracle Communications Server 2.0; GlassFish Enterprise Server 2.1.1, 3.0.1, and 3.1.1; and Sun Java System App Server 8.1 and 8.2 allows remote attackers to affect availability via unknown vectors related to Web Container. Vulnerabilidad no especificada en Oracle Communications Server v2.0, GlassFish Enterprise Server v2.1.1, v3.0.1, y v3.1.1, y Sun Java System App Server v8.1 y v8.2 permite a atacantes remotos afectar a la disponibilidad a través de vectores desconocidos relaci... • http://osvdb.org/76476 •